Senior Vulnerability Management; VM Analyst

Verisign helps enable the security, stability, and resiliency of the internet. We are a trusted provider of internet infrastructure services for the networked world and deliver unmatched performance in domain name system (DNS) services.

We are a mission focused, values driven company where each individual can contribute to building a stronger, more secure internet. We offer a dynamic and flexible work environment with competitive benefits and the ability to grow your career.

Verisign is seeking a detail-oriented and proactive Senior Vulnerability Management (VM) Analyst with a focus on Secure Configuration Management (SCM) benchmark findings. This role will be responsible for analyzing, prioritizing, and remediating configuration-based vulnerabilities in collaboration with various technology teams. The ideal candidate will play a critical role in reducing risk by driving compliance with secure configuration baselines.

• Perform regular reviews and assessments of SCM benchmark findings to identify deviations from established security baselines
• Leverage vulnerability scanning tools (e.g., Tenable, Qualys, WIZ) and configuration management platforms to detect and track misconfigurations

• Collaborate with technology and security teams to prioritize remediation efforts based on risk impact, exploitability, and business impact
• Develop and maintain a risk-based prioritization framework for secure configuration findings
• Support the remediation of high-risk misconfigurations by providing technical guidance and best practices

• Work with infrastructure, cloud, and application teams to ensure configuration compliance with internal and industry standards
• Provide guidance on hardening system configurations (Windows, MAC, Linux, network devices, etc.) according to established benchmarks
• Track and validate remediation efforts to ensure effective closure of findings

• Generate and deliver reports on configuration vulnerabilities, trends, and remediation progress to key stakeholders
• Review remediation plans, exceptions, and compensating controls with stakeholders
• Ensure accurate and timely documentation of configuration changes and updates

• Stay current with emerging security vulnerabilities, best practices, and secure configuration standards
• Identify opportunities for automation and process enhancement to streamline SCM activities
• Contribute to the development and maintenance of configuration hardening guidelines

• 10+ years of experience in vulnerability management, security operations, or system administration
• Hands‑on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7) and configuration management platforms
• Familiarity with secure configuration benchmarks (CIS, DISA STIGs, etc.)
• Experience with Service Now Sec Ops
• Bachelors' degree or equivalent work experience

• Strong understanding of operating system hardening (Windows, MAC, Linux) and network device configurations
• Experience with Power Shell, Python, or scripting for automation is a plus
• Knowledge of SIEM, SOAR, and ITSM platforms is beneficial

• Excellent analytical and problem‑solving skills
• Strong communication skills with the ability to collaborate and influence across technology teams
• Detail‑oriented with the ability to manage multiple priorities effectively
• Ability to partner with remediation teams to focus on remediation targets

• Certifications such as CompTIA Security+, GIAC GCIH, CISSP, or CISA
• Experience with cloud security configurations (AWS, Azure, GCP)
• Familiarity with compliance frameworks (NIST, ISO 27001, PCI DSS)

This position is based in our Reston, VA office and offers a hybrid work environment.

The pay range is $164,300 - $222,300. The anticipated annual base salary range for this position is noted above, however, base pay offered may vary depending on job‑related knowledge, skills, experience. Verisign offers a discretionary bonus which is based on individual and company performance, and certain roles may be eligible for discretionary stock awards.

Verisign is an equal opportunity employer. That means we recruit, hire, compensate, train, promote, transfer, and administer all terms and conditions of employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, age, protected veteran status, disability, or other protected categories under applicable law.

• Our Careers Page
• Our Benefits Summary
• Verisign in the Community
• Our EEO Statement
• Our Privacy Notice for Job Applicants/Candidates
• Reasonable Accommodations

Staffing agency policy:
No fees will be paid for unsolicited resumes submitted to Verisign or our employees by third parties.